Three Issues That Will Keep Corporate Directors On Their Toes In 2018

In 2018, corporate directors can expect unprecedented challenges.

We say this based on dozens of discussions this past year with boardroom stakeholders – including proxy advisors, directors, and active and passive investors.

The following three areas look certain to make boards up their game:

1) Cybersecurity risks

In 2017, a single cybersecurity attack cost U.S. companies an average of nearly $900,000. Just two years ago, a single attack came with an average price tag of nearly $500,000.

In 2018, there may be disclosure regulations coming from the Securities and Exchange Commission (SEC). The impetus? In mid-2017, the SEC revealed that its EDGAR filing system was hacked. The new SEC Chair, Jay Clayton, looks like he won’t be having the crisis go to waste. In September, he issued a statement that laid out the SEC’s cybersecurity risk mitigation plan – one that we expect public companies to emulate.

But with the number of breaches increasing, companies must take steps on their own. We see more and more boards debating the extent to which their directors should have or gain cyber expertise. Our research suggests that the use of advisory boards made up of outside cyber experts could go a long way. We expect to see more boards using outside cyber experts to shore up their knowledge on cybersecurity.

2) Effective shareholder engagement policy

Five years ago, the notion of a company, let alone a board, having a formal shareholder engagement policy was unheard of.

But now, more and more passive institutional investors tell us that they expect the board to have a formal engagement policy – and to boot, routine engagement reports.

The largest passive investors – Vanguard, BlackRock, and State Street Global Advisors – have led the way; namely, by meeting with more companies to discuss governance issues that include board diversity, sustainability-related risk mitigation, and proxy access. These investors have recently adopted investor stewardship principles that focus on board composition, governance structures, and director knowledge.

For guidance on shareholder engagement, boards can start by asking management to share more information about its communications with the company’s largest shareholders about governance, along with the proxy voting policies and stewardship principles of its top shareholders. That information will go a long way toward giving the board the foundation it needs to develop and carry out an effective shareholder engagement plan.

3) Climate change acumen

Global mega-trends such as resource scarcity and climate change are becoming ever more relevant to board discussions about strategy, risk, and performance. As just one indicator, in 2017 proposals asking companies to publish a sustainability report attracted record-high backing: average support clocked in at nearly 32 percent of votes – up from 26 percent in 2016. Moreover, one recent examination by The Conference Board stated that sustainability oversight is now a board-level issue, driven increasingly by the scale of business risks and opportunities posed by sustainability issues and a sense of urgency given these impacts.

Directors need to understand the meaning of “climate-competency.” That’s the term small and large investors are using to describe one of the expectations they have for directors. As our research has shown, boards that are engaged on sustainability issues are more likely to take a longer-term view and thus are able to better foresee and prepare companies for potential risks and opportunities. The issue of climate change isn’t going away anytime soon.

Douglas Chia and Gary Larkin
Doug Chia is the executive director of The Conference Board Governance Center. Previously, he had served as board chair of the Society for Corporate Governance and corporate secretary of Johnson & Johnson. Gary Larkin is a research associate for The Conference Board focusing on corporate governance. He has been a governance thought leader for more than 13 years, having worked in the governance practices for KPMG and PwC.